<?php

	/**
   * add-courses is reached from the manage-courses page, user completes fields
   * and submits to save a course to the pool of offered classes
   * 
   * @Author Tyler Bradovich
   * @Version 1.0
   */

    // Resume the session; the @ operator suppresses any warning session_start() raises.
    @session_start();
    require_once 'shared-functions.php';
    require_once 'session.php';
    require_once 'masterpage.php';

    // Guard clause: a visitor without a valid session is redirected to the login
    // page and the script stops, so nothing below runs unauthenticated.
    // NOTE(review): this redirect names manage-courses while the access-level
    // redirect further down names add-courses - confirm which target is intended.
    if (!IsValidSession()) {
        header('Location: login.php?page=manage-courses');
        exit();
    }

    // Only reached with a valid session (the branch above always exits).
    RefreshSession();
	
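	// Access level of the current user, as reported by GetCurrentUserAccessLevel().
	$user = GetCurrentUserAccessLevel();

	// Only directors, admins and principals may add courses. $DIRECTOR, $ADMIN and
	// $PRINCIPLE are not defined in this file; presumably one of the required
	// files sets them.
	// NOTE(review): the comparison is loose (!=). If those globals were ever
	// unset (null), a falsy $user would compare equal to them and pass this
	// check, i.e. the gate would fail open. Confirm they are always defined and
	// switch to !== once the value types are known.
	if ($user != $DIRECTOR && $user != $ADMIN && $user != $PRINCIPLE)
	{
		// URL-encode the message so the Location header carries a valid URI
		// (the raw text contains spaces and a comma). PHP decodes it back to the
		// same string when login.php reads the query parameter.
		// NOTE(review): login.php presumably displays `error`; confirm it
		// HTML-escapes the value, since anyone can craft that parameter.
		$error = 'To access the add courses page, please log in as a director, principle or admin';
		header('Location: login.php?page=add-courses&error=' . urlencode($error) . '&logout=1');
		exit();
	}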

    // Open the shared page layout (masterpage() is not defined in this file;
    // presumably it comes from masterpage.php).
    masterpage("Manage Courses");

    // Navigation link back to the course list.
    echo "<a href='manage-courses.php'>&lt;&lt; Back to Manage Courses</a>";

    // Every form field starts out as an empty string, so the form renders blank
    // on a first visit.
    $CourseName = $CourseDesc = $Credits = $SpecialFee = $CourseCode = '';

    // $hideInput: set once an insert has been attempted, to suppress the form.
    // $validInput: cleared by any failed validation rule in the POST handler.
    $hideInput = false;
    $validInput = true;
	
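	// Handle a submitted form: read the fields, validate them, insert the course
	// and report the outcome.
	// NOTE(review): this state-changing POST verifies no anti-CSRF token; consider
	// adding a per-session token to the form and checking it here.
	if (isset($_POST['submitted'])) // Clicked submit
	{
		// Read each field defensively: a missing key or a non-string value (for
		// example an array sent as CourseName[]) is treated as blank instead of
		// raising notices or being interpolated as "Array".
		$CourseName = (isset($_POST['CourseName']) && is_string($_POST['CourseName'])) ? $_POST['CourseName'] : '';
		$CourseDesc = (isset($_POST['CourseDesc']) && is_string($_POST['CourseDesc'])) ? $_POST['CourseDesc'] : '';
		$Credits = (isset($_POST['Credits']) && is_string($_POST['Credits'])) ? $_POST['Credits'] : '';
		$SpecialFee = (isset($_POST['SpecialFee']) && is_string($_POST['SpecialFee'])) ? $_POST['SpecialFee'] : '';
		$CourseCode = (isset($_POST['CourseCode']) && is_string($_POST['CourseCode'])) ? $_POST['CourseCode'] : '';

		//Default Credits and SpecialFee to 0 if left blank
		if ($Credits === '')
			$Credits = '0';
		if ($SpecialFee === '')
			$SpecialFee = '0';

		// Validate Length
		if (strlen($CourseCode) > 8)
		{
			echo "<p class='errorText'>Course Code cannot be more than 8 characters long.</p>";
			$validInput = false;
		}
		// Required fields
		if ($CourseName === '' || $CourseDesc === '' || $CourseCode === '')
		{
			echo "<p class='errorText'>Course Name, Code, and Description are required.</p>";
			$validInput = false;
		}
		// NOTE(review): is_numeric() also accepts negatives, decimals and exponent
		// notation; tighten this if the columns only allow non-negative values.
		else if (!is_numeric($Credits) || !is_numeric($SpecialFee)) // Check numeric-only fields
		{
			echo "<p class='errorText'>Credits and Special Fee can only contain numbers.</p>";
			$validInput = false;
		}

		if ($validInput)
		{
			$link = connect_db();
			$inserted = false;

			if ($link)
			{
				// Escape every value for its SQL string-literal context. The query
				// used to interpolate raw $_POST values, which allowed SQL injection
				// and also bypassed the "default to 0" handling above.
				// NOTE(review): mysql_real_escape_string() follows the connection
				// character set only when it is set via mysql_set_charset(); confirm
				// connect_db() does so. The mysql_* extension is removed in PHP 7 -
				// prefer PDO or mysqli prepared statements when this is migrated.
				$sqlName = mysql_real_escape_string($CourseName, $link);
				$sqlDesc = mysql_real_escape_string($CourseDesc, $link);
				$sqlCredits = mysql_real_escape_string($Credits, $link);
				$sqlFee = mysql_real_escape_string($SpecialFee, $link);
				$sqlCode = mysql_real_escape_string($CourseCode, $link);

				$query = "INSERT INTO `Course` (Name, Description, Credits, SpecialFee, CourseCode) VALUES ('$sqlName', '$sqlDesc', '$sqlCredits', '$sqlFee', '$sqlCode');";
				$result = mysql_query($query, $link);

				// mysql_affected_rows() returns -1 when the query failed, which is
				// truthy; require a successful query and at least one inserted row.
				$inserted = ($result !== false && mysql_affected_rows($link) > 0);
			}

			if ($inserted)
			{
				echo "<br/><br/><strong>Course added</strong>";

				// HTML-escape the submitted values before echoing them back so
				// markup in a field is shown as text instead of being rendered.
				// The charset argument is left at the PHP default.
				echo "<br/><br/>";
				echo "Course Name: " . htmlspecialchars($CourseName, ENT_QUOTES) . "<br/>";
				echo "Course Code: " . htmlspecialchars($CourseCode, ENT_QUOTES) . "<br/>";
				echo "Description: " . htmlspecialchars($CourseDesc, ENT_QUOTES) . "<br/>";
				echo "Credits: " . htmlspecialchars($Credits, ENT_QUOTES) . "<br/>";
				echo "Special Fee: " . htmlspecialchars($SpecialFee, ENT_QUOTES) . "<br/>";
			}
			else
			{
				echo "<br/><br/><strong>Course NOT added</strong>";
			}

			// An insert was attempted, so the entry form is not shown again.
			$hideInput = true;
		}
	}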
	
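	// Render the entry form on a first visit or after a failed validation,
	// pre-filled with whatever the user previously typed.
	if (!$hideInput)
	{
		// HTML-escape the values before placing them in the markup. ENT_QUOTES is
		// required because the attributes below are single-quoted; without it a
		// quote in a field could break out of the attribute (reflected XSS).
		// The charset argument is left at the PHP default.
		$htmlName = htmlspecialchars($CourseName, ENT_QUOTES);
		$htmlCode = htmlspecialchars($CourseCode, ENT_QUOTES);
		$htmlDesc = htmlspecialchars($CourseDesc, ENT_QUOTES);
		$htmlCredits = htmlspecialchars($Credits, ENT_QUOTES);
		$htmlFee = htmlspecialchars($SpecialFee, ENT_QUOTES);

		echo "<form action='add-courses.php' method='POST'>";
		echo "	<p>Course Name:<span class='requiredText'>*</span><br/><input type='text' name='CourseName' value='$htmlName'/></p>";
		echo "	<p>Course Code:<span class='requiredText'>*</span><br/><input type='text' name='CourseCode' value='$htmlCode'/></p>";
		echo "	<p>Description:<span class='requiredText'>*</span><br/><textarea name='CourseDesc' rows='3' cols='70'>$htmlDesc</textarea></p>";
		echo "	<p>Credits:<br/><input type='text' name='Credits' value='$htmlCredits'/></p>";
		echo "	<p>SpecialFee:<br/><input type='text' name='SpecialFee' value='$htmlFee'/></p>";
		echo "	<input type='submit' value='Add Course'><input type='hidden' value='1' name='submitted'/>";
		echo "</form>";
	}

	// Close the shared page layout opened by masterpage().
	endmasterpage();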
?>